Click here to Skip to main content
14,391,964 members
Rate this:
Please Sign up or sign in to vote.
See more:
Hello & Good Day!

Most Respectfully i state that, On Saturday 30th November 2019, Some Cyber Criminals Made A Ransomware Attack on my Workstation Computer. All the files on my computer was Encrypted and an Additional Extension (.hets) was assigned to all the Files. And now i can not access even a single file on my computer.

After a comprehensive search on the web, i found some Decrypting Tools, but unfortunately they could not Decrypt my Encrypted Files.

I am a Software Engineer, and i have many Professional Projects Saved on my computer that all have become Encrypted, that is a Huge Reason to worry for me.

Can anyone make some help ?

I will be very Grateful for this Act of Kind.

Thanks & Regards

Solution Hall

What I have tried:

I Used some Decrytion Tools but they could not Decrypt my files
Posted
Updated 3-Dec-19 6:50am
Rate this:
Please Sign up or sign in to vote.

Solution 1

If the tools can't do it, then almost certainly, you are stuffed. Not all ransomware encrypts files: some of it just scrambles it because it's easier and it doesn;t matter to them, they just want your money. Under no circumstances pay them anything - some do and then have to pay again, and again, and again ... until they realize that the ransomers won't / can't decrypt.

Restore from your last backup (you do take regular, comprehensive, air-gapped backups don't you?) and hope you didn't lose too much.

Treat this as a learning exercise: don't do what you did to get it - visit "dodgy" sites, run unknown EXE's, whatever it was.
Sorry - but there is nothing we can do to help.
   
Comments
CPallini 3-Dec-19 3:15am
   
5.
Rate this:
Please Sign up or sign in to vote.

Solution 2

Quote:
Can anyone make some help ?

Mostly impossible.
The are thousands of ransomwares and each can use a different encryption method, with a different key on each computer.
Your solutions are:
- format hhd and restore backups.
- wait until you find a decryption software matching the ransomware.
- pay the ransom in hope they will provide the decryption.

In any case, the first step would be to identify the ransomware.
   
Comments
CPallini 3-Dec-19 3:15am
   
5.
Patrice T 3-Dec-19 3:22am
   
Thank you
Richard MacCutchan 3-Dec-19 4:25am
   
You should never pay ransom, it just encourages criminals.
Patrice T 3-Dec-19 7:25am
   
I know and agree. That is why it is in third position.
Rate this:
Please Sign up or sign in to vote.

Solution 3

Without knowing how the files were encrypted, which algorithms were used, and the keys and IV's used in the encryption process, it's going to be impossible for you to decrypt the files.

If you have backups of these projects somewhere, that's the only way you're going to recover them.

If you didn't have backups of these "professional projects", you're not being a professional.
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100